--- rpms/smeserver-qpsmtpd/sme10/smeserver-qpsmtpd.spec 2016/03/30 02:16:21 1.2 +++ rpms/smeserver-qpsmtpd/sme10/smeserver-qpsmtpd.spec 2022/04/06 03:11:52 1.53 @@ -1,25 +1,36 @@ -# $Id: smeserver-qpsmtpd.spec,v 1.1 2016/02/05 23:28:48 stephdl Exp $ +# $Id: smeserver-qpsmtpd.spec,v 1.52 2022/04/05 22:12:02 jpp Exp $ Summary: SME Server qpsmtpd module %define name smeserver-qpsmtpd Name: %{name} -%define version 2.6.0 -%define release 2 +%define version 2.7.0 +%define release 10 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.xz -Patch0: smeserver-qpsmtpd-2.6.0-PERMS.patch +Patch0: smeserver-qpsmtpd-2.7.0-bz10958-preset.patch +Patch1: smeserver-qpsmtpd-2.7.0-bz11492-reject_threshold-deprecated.patch +Patch2: smeserver-qpsmtpd-2.7.0-bz11648-tnef2mime.patch +Patch3: smeserver-qpsmtpd-2.7.0-11759.patch +Patch4: smeserver-qpsmtpd-2.7.0-bz10289-spamcheck-fetchedmail.patch +Patch5: smeserver-qpsmtpd-2.7.0-bz11864.patch +Patch6: smeserver-qpsmtpd-2.7.0-bz11858-softlimit.patch +Patch7: smeserver-qpsmtpd-2.7.0-bz11933-pseudoemail.patch + BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot -Requires: qpsmtpd >= 0.83 +Requires: qpsmtpd >= 0.96-19 Requires: perl(Mail::DKIM) Requires: perl(Mail::DKIM::DkSignature) +Requires: perl(ClamAV::Client) +Requires: perl(Mail::DMARC) Requires: daemontools Requires: qpsmtpd-plugins >= 0.0.1-sme04 Requires: ipsvd Requires: e-smith-lib >= 1.16.0-08 Requires: e-smith-cvm-unix-local +Requires: smeserver-clamav >= 2.7.0 Obsoletes: e-smith-obtuse-smtpd Obsoletes: e-smith-qmail-smtpd Obsoletes: e-smith-mailfront @@ -42,7 +53,166 @@ AutoReqProv: no SME Server qpsmtpd smtpd module %changelog -* Tue Mar 29 2016 Jean-Philipe Pialasse 2.6.0-2.sme +* Tue Apr 05 2022 Jean-Philippe Pialasse 2.7.0-10.sme +- fix unable to set internal only pseudonym as full email [SME: 11933] + +* Tue Apr 05 2022 Jean-Philippe Pialasse 2.7.0-9.sme +- add softlimit template for qpsmtpd [SME: 11858] + increase softlimit to 50000000. + +* Thu Feb 10 2022 Jean-Philippe Pialasse 2.7.0-8.sme +- fix regression Set the default helo policy to lenient [SME: 11864] + +* Tue Nov 16 2021 Jean-Philippe Pialasse 2.7.0-7.sme +- mail sent on 127.0.0.200:25 should be spam checked [SME: 10289] + filtering again fetchmail originating mails + +* Mon Nov 15 2021 Jean-Philippe Pialasse 2.7.0-6.sme +- sighup on reload [SME: 11759] + +* Thu Sep 16 2021 Jean-Philippe Pialasse 2.7.0-5.sme +- fix tnef2mime FATAL PLUGIN ERROR [SME: 11648] + this will be a temp fix by redefining MIME::Parser::Filer::output_path + until it has been fixed upstream + +* Tue Mar 30 2021 Jean-Philippe Pialasse 2.7.0-3.sme +- update depreacted reject_threshold to reject [SME: 11492] + +* Fri Feb 12 2021 Jean-Philippe Pialasse 2.7.0-2.sme +- remove /usr/lib/systemd/system-preset/80-koozali-qpsmtpd.preset [SME: 10958] + +* Wed Dec 16 2020 John Crisp 2.7.0-1.sme +- modify for clamav 0.103.0 [SME: 11210] +- roll up patches + +* Thu Dec 10 2020 Michel Begue 2.6.0-40.sme +- add Requires=runit.service (qpsmtpd & sqpsmtpd) [SME: 11245] + +* Sun Dec 06 2020 Jean-Philippe Pialasse 2.6.0-39.sme +- fix service not enabled [SME: 11107] + remove reset-unsavedflag + +* Fri Nov 27 2020 Michel Begue 2.6.0-37.sme +- Move qpsmtpd & sqpsmtpd services to systemd [SME: 11107] +- Create smeserver-qpsmtpd-update event [SME: 11164] + +* Sat Jun 27 2020 Jean-Philippe Pialasse 2.6.0-36.sme +- expand badrcptto_ext when needed [SME: 10638] + this avoid user, group or pseudonyms for internal purpose to be reachable + from outside + +* Sat May 02 2020 Jean-Philippe Pialasse 2.6.0-34.sme +- minimum Protocol TLSv1.0 [SME: 10460] + better ciphers order. + +* Sun Mar 11 2018 Jean-Philippe Pialasse 2.6.0-32.sme +- add forcespamcheck support for fetchmail [SME: 10290] + +* Thu Aug 3 2017 Daniel Berteaud 2.6.0-31.sme +- Log DMARC reporting in syslog instead of sending email to the admin. + Also suppress SSL connection failed warnings [SME: 10298] + +* Sat May 20 2017 Daniel Berteaud 2.6.0-30.sme +- Turn DMARC reporting off by default [SME: 10303] + +* Wed Apr 12 2017 Jean-Philippe Pialasse 2.6.0-29.sme +- update patch smeserver-qpsmtpd-2.6.0-smtpd_to_qpsmtpd.patch [SME: 9478] +- Greeting property was still attached to smtpd in a template + +* Mon Feb 27 2017 Jean-Philippe Pialasse 2.6.0-28.sme +- updated regex for RBL and SBL in smeserver-qpsmtpd-2.6.0-change_rbl_sbl_list_separator.patch +- to take into account list using a subdomain [SME: 10123] +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... + +* Tue Jul 12 2016 Daniel Berteaud 2.6.0-27.sme +- Turn SPF and DMARC rejects off by default [SME: 9664] + +* Fri Jun 17 2016 Daniel Berteaud 2.6.0-26.sme +- Fix disabling DMARC reporting [SME: 9206] + +* Tue Jun 7 2016 Daniel Berteaud 2.6.0-25.sme +- Add missing tnef2mime and MaximumDateOffset to qpsmtpd [SME: 9560] + +* Fri May 27 2016 Daniel Berteaud 2.6.0-24.sme +- Create missing directories for DKIM keys [SME: 9496] +- Create missing directory for the DMARC report database [SME: 9206] + +* Tue May 24 2016 Daniel Berteaud 2.6.0-23.sme +- Remove o and r DKIM fields as they are not standard [SME: 9496] + +* Mon May 16 2016 Daniel Berteaud 2.6.0-22.sme +- In qpsmtpd-print-dns set DKIM options after the public key so the string + will still be splitted correctly [SME: 9496] + +* Sat May 7 2016 Daniel Berteaud 2.6.0-21.sme +- Fix a syntax error in qpsmtpd-print-dns script [SME: 9206] + +* Fri May 6 2016 Daniel Berteaud 2.6.0-20.sme +- Enable DMARC checking and reporting [SME: 9206] +- Add helper to publish DKIM/DMARC/SPF policy [SME: 9496] +- Allow DKIM signing of outbound emails [SME: 9496] +- Possibility to reject on SPF failure [SME: 9479] + +* Fri May 6 2016 Daniel Berteaud 2.6.0-19.sme +- Enable inbound dkim checking (without reject) [SME: 9480] + +* Fri May 6 2016 Daniel Berteaud 2.6.0-18.sme +- Enable inbound SPF checking (without reject) [SME: 9479] + +* Fri Apr 22 2016 Daniel Berteaud 2.6.0-17.sme +- Merge smtpd entry into qpsmtpd, same for ssmtpd into sqpsmtpd [SME: 9478] + +* Fri Apr 22 2016 Daniel Berteaud 2.6.0-16.sme +- Use an additional badrcptto file list for external connections so + local only pseudonymes work as expected [SME: 9460] [SME: 4597] + +* Thu Apr 21 2016 Daniel Berteaud 2.6.0-15.sme +- Call karma before earlytalker and add support for the new strikes param + [SME: 9462] + +* Wed Apr 20 2016 Daniel Berteaud 2.6.0-14.sme +- Use the naughty plugin to defer rejections, leaving users an opportunity + to authenticate [SME: 5092] + +* Wed Apr 20 2016 Daniel Berteaud 2.6.0-13.sme +- Use the helo plugin to check reverse DNS [SME: 2370] + +* Mon Apr 18 2016 Daniel Berteaud 2.6.0-12.sme +- Add support for uribl plugin, disabled by default [SME: 9467] + +* Sun Apr 17 2016 Daniel Berteaud 2.6.0-11.sme +- Change separator for SBList and RBLlist from : to , [SME: 8484] + +* Sun Apr 17 2016 Daniel Berteaud 2.6.0-10.sme +- Allow setting the karma negative value from the KarmaNegative prop + [SME: 9462] + +* Sun Apr 17 2016 Daniel Berteaud 2.6.0-9.sme +- Fix max_size param for the clamdscan plugin [SME: 9465] + +* Sun Apr 17 2016 Daniel Berteaud 2.6.0-8.sme +- Use clamdscan plugin instead of clamav [SME: 9465] + +* Sat Apr 16 2016 Daniel Berteaud 2.6.0-7.sme +- Enable the bogus_bounce plugin [SME: 9464] + +* Sat Apr 16 2016 Daniel Berteaud 2.6.0-6.sme +- Enable the loadcheck plugin [SME: 9463] + +* Sat Apr 16 2016 Daniel Berteaud 2.6.0-5.sme +- Add support for the karma plugin, but keep it disabled by default + [SME: 9462] + +* Sat Apr 16 2016 Daniel Berteaud 2.6.0-4.sme +- Create a dhparam for qpsmtpd [SME: 9461] + +* Sat Apr 16 2016 Daniel Berteaud 2.6.0-3.sme +- Adapt for qpsmtpd-0.96 (mainly plugin renamed) [SME: 9460] + +* Tue Mar 29 2016 Jean-Philippe Pialasse 2.6.0-2.sme - fix warning on spool_dir perms [SME: 9408] - smeserver-qpsmtpd-2.6.0-PERMS.patch @@ -113,10 +283,12 @@ SME Server qpsmtpd smtpd module * Fri Oct 1 2010 Daniel Berteaud 2.2.0-10.sme - Fix RelayRequiresAuth for local network [SME: 5575] -* Sun Sep 25 2010 Shad L. Lords 2.2.0-9.sme +* Sat Sep 25 2010 Shad L. Lords 2.2.0-9.sme + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... - Make tls ciphers configurable [SME: 6241] -* Sun Sep 25 2010 Shad L. Lords 2.2.0-8.sme +* Sat Sep 25 2010 Shad L. Lords 2.2.0-8.sme + Sun Sep 25 2010 --> Sun Sep 19 2010 or Sat Sep 25 2010 or Sun Sep 26 2010 or .... - Require auth for all relays (local too) [SME: 5575] * Sat Jun 5 2010 Ian Wells 2.2.0-7.sme @@ -620,16 +792,19 @@ SME Server qpsmtpd smtpd module - Make sure that empty templates-begin files exist in peers/{0,local} templates directories. -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-12] - Fix up config/relayclients - need a dot after network blocks -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-11] - Also regenerate goodrcptto in {user,pseudonym}-modify, since details about the account may have changed -* Thu May 11 2005 Gordon Rowell +* Wed May 11 2005 Gordon Rowell + Thu May 11 2005 --> Thu May 05 2005 or Wed May 11 2005 or Thu May 12 2005 or .... - [0.0.4-10] - Actually regenerate goodrcptto in the events mentioned in 0.0.3-01 (typo in createlinks) @@ -732,21 +907,40 @@ SME Server qpsmtpd smtpd module %prep %setup %patch0 -p1 +rm -rf root/usr/lib/systemd/system-preset +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 %build perl createlinks +mkdir -p root/var/lib/qpsmtpd/karma +mkdir -p root/var/lib/qpsmtpd/dmarc +mkdir -p root/home/e-smith/dkim_keys/default +mkdir -p root/var/service/qpsmtpd/config/dkim PEERS_CONFIG=root/etc/e-smith/templates/var/service/qpsmtpd/config/peers mkdir -p $PEERS_CONFIG/0 mkdir -p $PEERS_CONFIG/local DISABLE_LOCAL=" -10check_earlytalker +09karma +10earlytalker 12count_unrecognized_commands -16require_resolvable_fromhost +15helo +16resolvable_fromhost +19loadcheck 20rhsbl 22dnsbl +221spf +223dmarc +23naughty +34badrcptto_ext 70spamassassin " @@ -756,6 +950,7 @@ do done DISABLE_EXTERNAL=" +34badrcptto 65disclaimer " @@ -804,7 +999,11 @@ rm -f %{name}-%{version}-%{release}-file --dir /var/log/sqpsmtpd "attr(2750,smelog,smelog)" \ \ --file /var/service/sqpsmtpd/sqpsmtpd "attr(0755,root,root)" \ - --dir /var/spool/qpsmtpd "attr(2750,qpsmtpd,clamav)" \ + --dir /var/spool/qpsmtpd "attr(2750,qpsmtpd,clamscan)" \ + --dir /var/lib/qpsmtpd/karma "attr(2750,qpsmtpd,qpsmtpd)" \ + --dir /var/lib/qpsmtpd/dmarc "attr(2750,qpsmtpd,qpsmtpd)" \ + --dir /home/e-smith/dkim_keys "attr(2750,root,qpsmtpd)" \ + --dir /var/service/qpsmtpd/config/dkim "attr(2750,qpsmtpd,qpsmtpd)" \ \ --file /usr/local/bin/qplogsumm.pl "attr(0755,root,root)" \ > %{name}-%{version}-%{release}-filelist @@ -822,6 +1021,11 @@ true %post +#Fix spool perms on clam upgrade +if [[ -d /var/spool/qpsmtpd ]]; then + chown qpsmtpd:clamscan /var/spool/qpsmtpd; +fi + %clean rm -rf $RPM_BUILD_ROOT